- Original Message -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, November 04, 2000 4:27 PM
Subject: Re: Tomcat 3.3 / 4.0 confusion, rant and plan...
And why not:
Servlet2.0 - Tocmat3.3
Servlet2.1 - Tomcat3.3
Servlet2.2 - Tomcat3.3
Servlet2.3 - Tomcat3.3
- Original Message -
From: "Nacho" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Saturday, November 04, 2000 9:32 PM
Subject: RE: Why tomcat 3.x makes redirects (302) absolute ?
Hola Craig:
The fact that other servers break the rules is no excuse for
Tomcat to do
so.
If
If I recall correctly, it's actually sort of tricky to get this right.
You
might want to check the source for the Tomcat 4 implementation for
ideas -- I
believe it depends on the servlet container calling
Thread.setContextClassLoader() once you know which webapp you're running
in.
This only
Remy,
I wondered about the impact of logging.
I'm not personally interested in comparing 3.x and 4.x, just in getting a
database on 4.0. I also wonder if such a comparison might ignore the
feature differences noted in the rant postings last week.
I am interested in what the thruput and
On what HelloWorldExample performance predictsRoy: Well, not quite: it also
predicts an upper bound on the avg thruput, and a lower bound bound on the
average response time, of any more resource-intensive request on the
machine where the resource measurements were taken.
I don't agree with that.
Thruput, response, and perf servletsRemy, I should have said "throughput,
as in number of requests
processed per second". My point is that if some servlet S requires TC
to use more disk+cpu than the HelloWorldExample on a particular
machine, then TC's processing rate for S will be lower than it
At the end of this method, we changed the check interval, and then we
need to either start or stop the background thread that periodically
checks for resource updates. The code in this method handles the
following:
1. When the background thread is already running and we should be shutting
You're correct that this kind of code is appropriate (because the
component
has already been started without the thread).
Really ? The threadStart() call is in the start() method, and threadStop()
is always called in stop(). How would the thread need to be started if the
component is not
Remy Maucherat wrote:
You're correct that this kind of code is appropriate (because the
component
has already been started without the thread).
Really ? The threadStart() call is in the start() method, and
threadStop()
is always called in stop(). How would the thread need
BTW: I really like the resources package! I can think of several useful
implementations that I'd like to use, like one for CVS, or one for
JavaMail,
or ... lots more.
I like the Resources abstraction as well. Before we go whole hog at
creating new
implementations, though, I'd like us
I think it would be a good idea if compiled versions of the service, and other
native components were committed in the tree, esp for Windows.
All of this looks great (I like the NT service thing :))) !
Remy
Just so you know, I've been looking at the AccessLogValve,
and am working on getting it into shape to be re-enabled
in the default config. In the process, I'm writing a Valve
tester so we can test and benchmark Valves. It's already
running, but it's not quite ready for release yet..
I
Dear TOMCAT-DEV folks,
Well, it appears that we successfully licked a large number of the
problems with
3.2-beta-8, without introducing any serious new regressions. Therefore,
I'd
like to ask that we vote on the following three propositions:
(1) Build and release Tomcat 3.2 final on
rant
AAARRRGGGHHH I can't build Tomcat 4.0... Can we fix the build before the
next milestone gets out? It's 3 hours that me and Fede are bashing our
heads against it and GRRR :)
/rant
Can you send the compilation errors you get ? Perhaps it's just yet another
conditional
Yep! That's a full 10 seconds slower than the new version, making
the new version about 44% faster.
Great !
I'll commit the patch later today.
This test is single-threaded, but I think it still shows noticeable
performance improvement.
Something else that I could do with this that I
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
Logging messages in some other environments -- and even Tomcat 3.x IIRC
-- are
actually written out by a background thread, rather than the main
request-processing thread (as it currently is with Catalina, or at least
it was
last time I
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
To my knowledge, this is not a known issue. In fact, I've got tons of
stuff
that
depends on request parameters working just fine in 4.0. I would be
very
interested
in a simple test case that can reproduce what you're seeing.
I know that
Remy Maucherat wrote:
Also, in which package should this tester code reside, really?
org.apache.catalina.valves.tester ?
Well, if the hi-tech stocks continue to dive, I guess we can all go get
jobs as
plumbers, testing valves :-)
Oh, ok, it all makes sense now. You were planning your
Quoting "Pier P. Fumagalli" [EMAIL PROTECTED]:
rant of a desperate coder
Grrr... I sent some huge commits almost 1+1/2 hours ago...
R
Sorry, now it takes almost 3 hours to get them.
Remy
Proposal #1: Release a Tomcat 3.1.1 that fixes *only* the security
problems
+1.
Proposal #2: Release a Tomcat 3.2.1 that fixes the following security
problems
plus the patches committed to date.
+1.
Remy
Synopsis:
Browser issues a "document contains no data" when a secure page is accessed
by an valid, unauthorized user (wrong role).
I tested with my HTTP client, and got that :
[Slide]$ get /webdav/
snip
Request: GET /webdav/ HTTP/1.1
GET /webdav/ HTTP/1.1
Content-Length: 0
Authorization:
I've spent the last two days building a meta-build system. It consists of
an abstract definition of the system that you want to build, in XML. A
concrete user profile, also in XML, binding names to locations to where
you
want them to reside on disk. And, finally, an XSLT transform which
There's still the "religious" war over "build inside my source directory"
versus "build someplace else". I am of the latter camp -- partly
because that's the way Tomcat has built ever since it was first released
to Apache,
and partly because I've grown to like it -- but if everyone wants it
has anyone actually gotten m5 to startup on win98?
i sure can't.
I tried with Cygwin, and it didn't work either.
The Windows Java exe apparently can't understand a Unix style classpath :(
Remy
tomcat 4.0m5 doesn't deal very well (actually it dumps the previous stack
trace) if you delete the examples webapp.
it would be nice if one could delete a webapp and have it not crash the
server.
I think that's probably because the "examples" context is specifically
declared in the
It doesn't include the port number in the links of the output and
therefore,
the links are invalid.
Also, what is responsible for generating the directory listings? I tried
to
find the source code for it so that I could patch it myself, but I
couldn't
find it!
Originally it was in
on 12/17/2000 7:41 PM, "[EMAIL PROTECTED]" [EMAIL PROTECTED]
wrote:
- Path generation should be more robust.
Problems reported by Jon. I'm waiting for feedback on this, as I've been
unable to reproduce the bugs.
I can't confirm that this fixes it cause I can't even compile Tomcat. :-)
Any ideas why a stock m5 won't run on MacOSX beta 2?
java version "1.2.2"
Java HotSpot(TM) Client VM (1.3.0, mixed mode, internal release build)
Craig forgot to package jndi.jar with the M5 distribution, so if you're
running JDK 1.2 it will complain :(
Download JNDI 1.2 from Sun, and put the
* The good point with TC 4.0 are all the good things inside (JMX, JAXP
1.0/1.1)
The bad point on TC 4.0 are all these good things (JMX, JAXP 1.0/1.1).
You have seens the thread on '[PROPOSAL] building is easy'. We need too
many
things now to build TC 4.0.
You need JAXP, JSSE and
Quoting Nacho [EMAIL PROTECTED]:
Please be carefull when you write something about anybody, have a look
at commits please... Henri, P. Delisle and I are the only ones here
that
had contribute to ALL present versions of Tomcat, *ALL* dont forget
that, and i feel involved on ALL of them, if
Quoting Costin Manolache [EMAIL PROTECTED]:
That's even worse - all the flames that start up
whenever code from 4.0 is reused in 3.x. What's the
problem ??? Are you afraid of "featurism" ( i.e. are
good for 4.0 but bad for 3.3 ) ?
It's open source code, and it's right to reuse it
Quoting Jason Brittain [EMAIL PROTECTED]:
I wrote up a text file about benchmarking and comparing Tomcat-4.0-M5
(pre-release)
and Apache 1.3.12. It's attached to this message. I wrote it for
anyone who is interested
(even non-Java-saavy people) to know how the raw content serving
Quoting Sam Ruby [EMAIL PROTECTED]:
Jon Stevens wrote:
Why does this scare me into thinking that if people
start to base their code on top of this that they
will be tying themselves to a single servlet engine?
Isn't that something that we were trying to avoid?
Correct me if I'm
Hi Craig,
I've just been looking through Bootstrap.java and the classloader docs in
Catalina because I need to do some classloading hacks of my own. Congrats,
the code is really clear and it's (finally) helped me understand how the
whole classloader delegation thing works.
Anyway, just a
Quoting Thomas Butter [EMAIL PROTECTED]:
For example if in line 257:
requestLine.uri[readCount] = (char) buf[pos];
readCount++;
pos++;
buf[pos] is undefined the last fill called by the last read() only got
one byte (which was enough for the
Quoting Thomas Butter [EMAIL PROTECTED]:
I think the problem won't be triggered by a small buffer,
but by tcp packet that ends 1 byte after the current buffer.
If the next packet didn't arrive when fill() is triggered
the next time then pos==0 and count==1, the read then does a
pos++.
Here's
I attached a little patch that reimplements the used methods of the BIS.
It should be a little bit faster because it doesn't implement marks.
Not sure if it is worth the extra code because read() isn't called very
often anyway and if read(byte []) is used anywhere then it should be
rewritten
I think you should subclass FilterInputStream, because it will provide
you default implementations for the read(xxx) methods by calling the
read() method.
InputStream.read(b[], off, len) and skip(n), which are the two that I didn't
implement (yet) look good enough to me (they both will end up
David Weinrich wrote:
Now that it's an Apache project, I am +1 for using it ... both here, and
as an
implementation of org.apache.catalina.Logger for the general purpose
logging
that goes on inside Catalina.
+1.
Will it be required to build ?
I will be examining your patches (and Kief's
Remy Maucherat wrote:
I have an issue with 4.1 code (fresh from CVS) at the moment -- the JSP
examples
do not run correctly. That is, any JSP page that references a bean class
that
is loaded from WEB-INF/classes or WEB-INF/lib fails to find that class.
The classpath generation for Jasper
Insofar as any of us can predict the future, I would say the answer to
this is
definitely yes. Among other things, the lack of a timeout creates a
pretty easy
DOS attack against a Tomcat server -- simply open enough socket
connections to
exhaust the configured pool size, and just sit there.
-0. Why not make it optional for standard use as well? If I use Tomcat
for development only, I'm not concerned with security and don't
want to mess with policy files.
Same here. There's a switch for the naming features, and I think it should
be the same with the security manager.
Remy
So, Apache is the boss of Costin and pays him to do work on Tomcat 4 but
he
works on 3.3 instead?
Nearly all the open-source projects out there have a "boss" who gets to
decide whether or not they like your stuff. If you fail to convince them
that your stuff is the One and Only Good Way to do
Hi,
Hi there !
today I looked through the webdav servlet. Now I have two questions: On
an OPTIONS request the header is not containing the "MS-Author-Via: DAV"
line.
I just had a brief look at ftp://ftp.isi.edu/in-notes/rfc2518.txt
and guess what I could not find any reference for
-Original Message-
From: Jon Stevens [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 17, 2001 20:17
on 1/17/01 10:28 AM, "[EMAIL PROTECTED]" [EMAIL PROTECTED]
wrote:
Why was it one of your worst days? I don't see how it could have been
bad,
nor do I see how that could
In general, I hope we are cautious about adding non-standard headers like
this. It is not a precedent I particularly like, but I can see the
reasoning
for doing it this time.
Agreed, but apprently mod_dav (ie, Apache 2.0) is doing the same.
It's such an insignificant change that I couldn't
Quoting Jon Stevens [EMAIL PROTECTED]:
on 1/19/01 11:51 AM, "Craig R. McClanahan"
[EMAIL PROTECTED]
wrote:
Agreed ... I'm talking about the *Apache Tomcat* release cycle, where
we
agreed in the release plan to have a feature freeze / bug fix round on
4.0,
and work towards a
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
THE PROPOSED DESIGN PATTERN:
This is an adaptation of the pattern that Peter Donald proposed
yesterday, to be
slightly more aligned with the Filter API:
public interface Valve {-- similar to javax.servlet.Filter
public
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
You would still need to wrap the response, for example, if your Valve
wanted to
modify the data content of the response (such as applying compression,
or an XSLT
transformation).
Ok.
BTW, I think compression should be part of the HTTP
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
org.apache.catalina.facade.XFacade
Nice package name. I wonder where you got it :)
* Pass the internal object to the constructor (the facade
will be a wrapper around it).
* Implement the appropriate servlet API interface (so the
facade
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
Kurt Schrader wrote:
So what do we need a 4.1 branch for then?
If we take the action Remy recommends, we won't. I'm +1 for this (it
will certainly
reduce the effort of double-committing all the changes), if we're
willing to accept
the
On 20 Jan 2001 [EMAIL PROTECTED] wrote:
- Add a new "unpackWARs" flag in the StandardHost : if true, the host
will
deploy WARs as before. If false, the WARs found in the host path
won't
be unpacked and the WARDirContext will be used.
Very very cool.
:)
I guess I get the award
* POSSIBLE ITEM: Tweak the lifecycle APIs so that we can implement
running Catalina under the "invocation" interface in the services
directory.
Among other things, this will allow running Tomcat 4.0 stand alone on
port 80, without having to run as root. (No volunteer yet to work on
I've just completed the merge, which was way easier to do than what I
expected.
Feel free to send bugs reports / comments ...
Remy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
Quoting Tim Tye [EMAIL PROTECTED]:
I would like to see the encoding of the input stream fixed in this
release also. At
least use the value of ServletRequest.setCharacterEncoding() to specify
the encoding
of parameter names and values. (BugRat #785).
+1 for fixing #785 (I still can't
It should be noted that when this plan comes up for a vote, a +1 by a
committer will constitute a commitment not only to helping with the
release,
but to provide maintenance support beyond the release.
Is it a request for a vote ?
As I understand it, it's a request for a final review of
Quoting "Bucknam, Brian" [EMAIL PROTECTED]:
Why not try to continue if getRealPath() returns null? The Servlet 2.2
spec
allows containers to return null if they feel like it. (Haven't
checked
this in 2.3).
Very good point. With my latest patch, getRealPath() will always return null if
I updated Tomcat 4 which has the new code that allows running directly
from a WAR file. A few comments about this.
I will refer to the 'examples' context in my comments.
The directory 'work/localhost/examples/classes is created for
the contents of 'webapps/examples/WEB-INF/classes.
Remy Maucherat wrote:
Then those jar files and class files need to be in a directory that won't
possibly
conflict with jasper if a user has a directory named "classes" in the root
of
their context which contains JSP's. Please use WEB-INF/lib and
WEB-INF/classes
in the work d
Since characters in Java are UNICODE, what does this code do when it
encounters a character who's code point is greater than 0xFF?
My suggestion, is to first encode the path as a UTF-8 byte array, then
encode the bytes according to this algorithm
Yes, the writer should probably use the "UTF-8"
Tomcat 3.3 Release Plan Ballot:
[ ] +1 I am in favor of this plan and will help
[X] +0I am in favor of this plan, but am unable to help
[ ] -0I am not in favor of this plan
[ ] -1 I am against this plan being executed, and my
reason is:
Remy
- Original Message -
From: "Pier P. Fumagalli" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, January 30, 2001 1:18 PM
Subject: BugZilla is UP...
Thanks to Ignacio Ortega and Nick Baumann who did all the work, we finally
have migrated all bugs for Tomcat
I developed an JNDI ObjectFactory that is used to read User Objects from
LDAP.
When I run a test program and perform a lookup it works fine. But when I
use it
within Tomcat 4.0 it ignores the java.naming.factory.object and
java.naming.factory.state attributes that I am setting when creating
Quoting Arthur T Smyles [EMAIL PROTECTED]:
Thanks for you quick response. It has though brought about more
questions. For
example, if I had the following code
Hashtable env=new Hashtable();
env.put("java.naming.factory.initial","com.sun.jndi.ldap.LdapCtxFactory");
env.put
Ok,
He has been sending lots of excellent patches as well as the fact that he
already has an apache.org account. I think we should give him commit
access.
+1.
Remy
We need two more +1's from others with commit access.
-jon
Quoting Arthur T Smyles [EMAIL PROTECTED]:
While I understand that J2EE spec has a standard way of getting
resources,(including I imagine other JNDI Contexts), I still think that
this
approach should also be allowed for the following reasons:
Ok, I don't really know what we're talking about
Quoting [EMAIL PROTECTED]:
I can say the same about building in the source directory... It just
feels
wrong and ugly ( kind of like having .class and .java in the same
directory, instead of using javac -d ).
Same here, I hate that too.
Since most people involed with Tomcat seem to like it
It appeared to me that all the bugs converted from BugRat were assigned to
"[EMAIL PROTECTED]". I've already reassigned the ones on Struts to me,
and
will do the same for the Tomcat 4 issues, so at least you will stop
getting mail
on those ...
Most of the Catalina specific issues should be
Kief has recently proposed improvements to the session management code
in Tomcat 4, and wants to continue helping out. I hereby propose him as
a committer on the Tomcat project. Votes, please?
+1.
Remy
-
To unsubscribe,
Hi,
I'm putting together the next version of the Turbine
Development Kit and I was wondering what repository I
should be using: the 4.0 or 4.1 repository. I don't
want to debug something I don't have to :-)
4.0.
4.1 is a development branch which is temporarily abandoned.
Remy
I was wondering what the status of getting Tomcat 4 ready for its next
beta release currently is. I have finished implementing the Java
SecurityManager
and the changes to jasper class loading. I know we took a step back to
make a few
architectural changes. Are those all in place now?
I
- Please return this portion with your vote -
Tomcat 3.2.2 Release Plan Ballot:
[ ] +1 I am in favor of this plan and will help
[X] +0I am in favor of this plan, but am unable to help
[ ] -0I am not in favor of this plan
[ ] -1 I am against this plan being
If you like that patch, you'll probably also like
the ones I sent in on Friday -- messages with the
title
"[PATCH] TC4: TomcatBlock on Avalon 3.1a1"..
I'm -1 on applying the Avalon patch in the 4.0 tree.
The rationale is :
- Avalon isn't ready yet. It's still in alpha stage, and I fear there
Craig and I thought that it might be a good idea to add Developer's
Guide to Tomcat-4.0 documentation. I made a few changes to Tomcat-3.2
developer's guide. The attachment can be added to catalina\docs.
Please let me know if anything else needs to be changed or added.
There are a few
How in apache do I get all my .jsp files to be executed by tomcat.
Even when I use the WebAppMount, the servlets work, but it won't execute
the jsp. Basically I don't car about servlets, I just want my server
to recognize any *.jsp and have tomcat 4.0 execute without having to
specify a
Hi,
I am having an HTML page with multiple forms and all
of them are handled by the same servlet. The forms are
resolved using hidden field in the servlet. With
catalina 4.0 beta (build) when I hit back in IE and
submit second form in the page. I get blank page. If I
recompile the servlet,
The Tomcat 3.2 standalone does not seem to support http status code 304
('if-modified-since', code SC_NOT_MODIFIED) and is always sending back the
entire file, even it has not been modified.
Is it going to be supported by versions '3.3' or 4.0 ?
All HTTP/1.1 ifs headers should be supported
I was looking at the classloader documentation in cvs at
catalina/docs/dev/classloaders.html and comparing it to
how Tomcat 4 actually sets up the classloaders. I found
some discrepancies.
According to the docs the System class loader (CLASSPATH)
has bin/bootstrap.jar and
The above changes remove one class loading layer from a web app,
allows Common classes to use property files and resources, and cleans
up the directories where jar files and classes are located.
The Catalina core would see the shared libraires, which is a very bad idea
IMO. We'll get into the
Remy Maucherat wrote:
Thats right! Ok, I retract my proposal for changing the class loaders.
What we can do is add a lib/classes/ repository to the shared
classloader.
I still think it would be a good idea to change the directory structure of
where the lib/classes are located to make
I tested Tomcat 4 after Craig's changes to jasper.
Initial watchdog run w/o Java SecurityManager, all tests passed.
Second run of watchdog immediately after the first run,
the following three tests failed.
FAIL GET
/jsp-tests/jsp/core_syntax/scripting/scriptlet/positiveScriptlet.jsp
Quoting Glenn Nielsen [EMAIL PROTECTED]:
That was part of the cleanup of where jar files are located to make it
easier to document/install jar files for the different class loaders.
The lib sub directories are there so that common and server can use an
optional classes directory for things
I just committed the changes to implement a DefaultContext element
which can be nested within an Engine or Host config. This was
something I really needed to simplify the amount of work it takes
to maintain a Tomcat 4 server.xml config when supporting multiple
virtual hosts. The biggest
Glenn Nielsen wrote:
On both Linux and Win98, I get an NPE at startup time:
Starting service Tomcat-Standalone
Apache Tomcat/4.0-dev
java.lang.NullPointerException
at
org.apache.catalina.core.StandardEngine.importDefaultContext(Standard
Engine.java:195)
at
+1
Remy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
Attatched is a _very_ early release of the SSI package. It's just the
initial framework
and one working SSI command 'fsize' which returns a file's size. Looks
like this:
'!--#fsize virtual="/tomcat.gif"--' I appologize for the
path in the Zipfile, for some reason Winzip screwed up my path.
What is the expected behaviour of Tomcat 4 when starting/stopping
in regards to unpacking war files.
I noticed what to me seems like strange behaviour.
The Host is configured in server.xml with unpackWARs="true".
ls of webapps before starting tomcat, notice that some of the war
files are
I consider this a bug. Tomcat should not be removing contexts that have
been expanded out into a directory in webapps.
If unpackWARs="false", then nothing is expanded out into webapss, the war
file is expanded out as needed into the work dir, correct?
The JARs are indeed expanded as a
If unpackWARs="false", then nothing is expanded out into webapss, the
war
file is expanded out as needed into the work dir, correct?
The JARs are indeed expanded as a temporary fix for Jasper. There is hope
that we can perhaps use a tweaked version of javac which would load
classes
from
On Fri, 2 Mar 2001, Craig R. McClanahan wrote:
Yes sure. I think the best would be not to unpack the WARs (it's a lot
cleaner).
+1, as long as we can keep performance reasonable.
Well, memory's cheap. You can always just read the whole WAR in.
Performance should be good with WARs
"Craig R. McClanahan" wrote:
Remy Maucherat wrote:
The original rationale for the current behavior was/is a very common
user error
with Tomcat 3.x -- it goes like this:
* User drops a WAR file into "webapps" and restarts Tomcat
* Tomcat auto-expands the WAR an
Quoting [EMAIL PROTECTED]:
YET: this same code works when I run it from a standalone Java
application.
I believe that tomcat's InitialContext() is preventing the remote
connection from being established.
Actually, it's a classloader related issue which has been fixed after beta 1.
Remy
Where is the interface document for tomcat object factories?
It's the standard JNDI interface : javax.naming.spi.ObjectFactory
The first parameter you get is a reference instance which contains a set of
parameters. The format of the reference is proprietary (since there is no
standard for
Quoting "Craig R. McClanahan" [EMAIL PROTECTED]:
Amy has recently joined the JSP/Servlet team at Sun, and has
contributed
several documentation updates and new tests for the test harness. She
would like to work on bug fixes, as well as participate in the
development
of better admin tools,
The Context.URL_PKG_PREFIXES environment variable is a colon-seperated
list
of package prefixes. However, when I set this environment variable to
"org.jnp.interfaces:org.apache.naming" and attempt to get a Context;
Context ctx = new InitialContext().lookup("java:/comp");
The lookup fails
According to NamingManager documentation, first it will look for
'org.jnp.interfaces.java.javaURLContextFactory' which does not exist, so
it
should next look for 'org.apache.naming.java.javaURLContextFactory' which
does exist.
So, this should work.
Indeed, my mistake. It should work, since
Hi,
Please vote for Casey Lucas as commiter.
+1.
Remy
Hi,
We don't (can't - java doesn't propogate the info out of the native
methods) know which is the case here. So, it seems we need to
close/reopen the server socket either way - unfortunate, since pending
connections could get dropped, but not too terrible, since accept errors
are fairly
I have a GUI for editing deployment descriptors in-place in J2EE
archives or directories laid out like archives (so far EJB 1.1 JARs,
Servlet 2.2 WARs, JCA 1.0 RARs). It's open-source under the X license,
though for the few weeks without a home on the web. I wonder if you'd be
interested
You can prove that it is not related to JSP by trying *any* URI that
includes JavaScript code, and triggers a 404, such as:
http://localhost:8080/examples/SCRIPTalert(document.cookie)/SCRIPT.xyz
The fix is to filter the message string included in the response, so
that
characters
1 - 100 of 2871 matches
Mail list logo
